Full Disclosure mailing list archives

Re: MS03-039 has been released - critical


From: "Exibar" <exibar () thelair com>
Date: Wed, 10 Sep 2003 16:47:11 -0400

This has been confirmed, just in case anyone was still fuzzy on this.

"039 has 1 DoS and 2 (new) BOs. All of the info in 039 is "new" and
doesn't recycle 026 info. Though 039 also includes 026 fixes, of course.

Important point - the NEW (ms03-039) bulletin is all NEW info."

Exibar

----- Original Message ----- 
From: "Exibar" <exibar () thelair com>
To: <full-disclosure () lists netsys com>; "Mike Tancsa" <mike () sentex net>
Sent: Wednesday, September 10, 2003 3:05 PM
Subject: Re: [Full-disclosure] MS03-039 has been released - critical


To add to my previous reply.  The DoS is the only thing in MS03-039 that is
"old".  The two buffer overflows are brand new and are not the same as
MS03-026.  These are the real dangers here, not that the DoS isn't
dangerous, but the buffer overflows are the keys to the security alert.

   Does anyone know if there is a 'sploit for the buffer overflows in the
wild?

  Exibar


----- Original Message -----
From: "Mike Tancsa" <mike () sentex net>
To: "Exibar" <exibar () thelair com>; <full-disclosure () lists netsys com>
Sent: Wednesday, September 10, 2003 2:54 PM
Subject: Re: [Full-disclosure] MS03-039 has been released - critical



http://xforce.iss.net/xforce/alerts/id/152 says,

"The new DoS vulnerability was disclosed by a hacking group in China on
July 25, 2003, and functional exploit code is already in use on the
Internet. "

         ---Mike


At 01:41 PM 10/09/2003, Exibar wrote:
anyone know of a 'sploit for this one yet?  Or even proof of concept
code?


----- Original Message -----
From: "Ryan, Pete" <pete.ryan () thomson com>
To: <full-disclosure () lists netsys com>
Sent: Wednesday, September 10, 2003 12:23 PM
Subject: [Full-disclosure] MS03-039 has been released - critical






http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS03-039.asp

-Pete

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
